CVE-2020-7538 in Se and Schneider Electric Products
Published on November 19, 2020
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions) that could cause a crash of the PLC simulator present in EcoStruxureª Control Expert software when receiving a specially crafted request over Modbus.
Weakness Type
Improper Check for Unusual or Exceptional Conditions
The software does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the software.
Products Associated with CVE-2020-7538
stack.watch emails you whenever new vulnerabilities are published in Se Ecostruxure Control Expert or Schneider Electric Ecostruxure Control Expert. Just hit a watch button to start following.
Exploit Probability
EPSS
0.46%
Percentile
63.49%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.